Rewind a few years and companies balked at putting their sensitive data in the cloud. No respectable bank would think twice about letting customer information reside outside the confines of their own data center. It wasn’t even on the radar of insurance companies.
Thanks to smartphones, big data, and Amazon, that’s all changed. Today, all sorts of businesses are clamoring to move their data to the cloud. And with a dearth of experts to help protect that growing data from the hackers, they are willing to take on the risks to improve business operations.
“If you look across the cloud what we are seeing is more and more companies putting even the most critical data in the cloud,” said Terry Ray, Chief Technology Officer at Imperva, the Redwood City, California provider of data and application security products in an interview with The SaaS Report. “There is a shift in the perception of the cloud being too risky to engage into an opportunity to save money.”
SaaS Companies Place Stock In Cybersecurity
Good news for companies that are embracing more of a software as a service business model. Ray said that among all the cloud services, the SaaS industry is the more secure one. They realize what will happen if they are the subject of a data breach. The trust of their clients would be compromised and their business could very well go bust. It's particularly true with the smaller providers that don’t have the cash to weather the impact of a breach. Take Code Spaces for one example. Back in June of 2014, the UK-based code hosting service was forced to shutter its doors after a hacker deleted most of its customers’ data and backups. Fearing that can happen to them, Ray said enterprise SaaS companies go to great lengths to protect their customers’ data. “Customers going into the cloud see significant value in SaaS in my experience. It has the least risk compared to going into a public cloud platform or a database as a service platform,” said Ray. “SaaS is more secure than it was two, three, five even ten years ago. Most companies should feel comfortable using SaaS.”
Security Experts Hard To Come By
Driving this march toward the cloud, even for critical data, is a recognition on the part of companies that landing the necessary skills in-house is harder and harder to come by. Ray pointed to a recent analysis of users on LinkedIn to illustrate the shortage of qualified security experts. Currently, nearly 1.8 million people list themselves as network security professional but as it gets more specialized the numbers fall off the cliff. There are close to 112,500 application security people, 170,000 data security professionals, nearly 71,000 cloud security people, and only 34,000 database specialists. That lack of specialists forces companies to think outside the box when meeting staffing needs. “Experts are really hard to find,” said Ray. “Organizations have to take a standard network security professional and bend them into application and data security professionals.”
Machine Learning, AI Filling In Gaps
Supplementing the lack of specialized security experts increasingly is technology. Companies are turning to machine learning and artificial intelligence to fill some of the gaps. It won’t replace human security experts but it can help them when the knowledge isn’t readily available. Ray pointed to SQ language as an example. Someone in the organization may not understand the language that the database speaks even if they can log into the database. Machine learning can convert that into plain English, filling the role of specialists who would be in charge of translating it for the organization. It can even send off an alert if something was amiss. That could prevent an expensive data breach from occurring. A costly endeavor for some businesses but a valuable one. With hacks and data breaches common occurrences companies can’t risk being the latest victim. “Yes, it can be expensive. But if you risk losing customer data and losing your business, what is more expensive than that,” said Ray.
